Slashdot Mirror
Now On Video: GCHQ Destroying Laptop Full of Snowden Disclosures
An anonymous reader writes "On Saturday 20 July 2013, in the basement of the Guardian's office in Kings Cross, London, watched by two GCHQ technicians, Guardian editors destroyed hard drives and memory cards on which encrypted files leaked by Edward Snowden had been stored. This is the first time footage of the event has been released."
In fact they claim it was made completely clear to the head honcho ordering the destruction that other copies did in fact exist and that this display would not change anything. It was purely a PR/attempted intimidation stunt.
--- Most topics have many sides worth arguing, allow me to take one opposite you.
Actually I was alluding to common practices going back many centuries, so well done on leaping to conclusions.
When your server gets rooted by a hacker, every security professional worth his money will tell you to wipe it and do a complete reinstall. There is no way to clean up the system without that where you can be certain that there's not a backdoor left somewhere you didn't look.
Those were the good ol' days. These days everybody knows there are half a dozen backdoors in the various firmwares that even an OS wipe won't get. (disk, network, bios, etc)
Generally when deleted files are able to be recovered, the bytes of the files weren't actually overwritten, they were merely marked as deleted by the filesystem.
Theoretically, when a file has been overwritten with known data, it is possible to use an electron microscope to recover what was there before, but as far as know, no one has been able to actually achieve this. Especially with modern hard drives that are more dense.
"First they came for the slanderers and i said nothing."
You can overwrite the drive 50 times and you can not be certain that the data is unrecoverable.
Bullshit. If your drive works fine, even after single (or two, if you are paranoiac) overwrite with random data no-fucking-body in the whole universe will recover anything.
There's a reason the military shreds harddrives when it disposes of them.
But for completely different reasons what you think, its because:
- your drive might be faulty so the overwrite is actually not performed
- could be faster (overwrite of big disk can take hours)
- the destruction can be performed by IT-ignorant, non-technical guy
- the destruction process can be easily CONTROLLED by another non-technical persons.
This last one is actually main reason: in such process there are usually more people involved which "watch each other". ...
However control of soft (data-only) destruction is very difficult: even if all involved people would be highly technically capable (including your commanding officer), It is difficult to assure that the other guy does not use (intentionally or unintentionally) wrong, hacked or faulty software, does not make copy during overwrite, makes proper control read after the process etc
You can overwrite the drive 50 times and you can not be certain that the data is unrecoverable.
Actually, this is an old myth, which had some truth to it when hard disk weren't operating at the known physical limits. Then you could actually read some erased information by using a more sensitive magnetic head, which was able to tell the difference between a former one overwritten by zero and a former zero overwritten by zero. But this is no longer so. Any reserves that might have been in the magnetic surface of disk are now used to increase information density. The most sensitive reading heads available are those already built into the hard disks. Overwrite a section of the disk with zeros (or ones, whatever you like), and you can be sure that the information formerly there is safely overwritten.